Top Passwords of 2016

Every year, security analysts release a list of the top passwords used. These are usually compiled from the various lists of usernames and passwords which are leaked from hacks, such as the Yahoo hack of 2016 (which compromised almost 1 billion accounts.

No matter how these lists are compiled, they usually make interesting reading, this years report is by Keeper, a company that provides software to keep your passwords safe (I’m not commenting on their services, just stating what they do).

And the top 25 are. . .

123456

123456789

Qwerty

12345678

111111

1234567890

1234567

password

123123

987654321

Qwertyuiop

Mynoob

123321

666666

18atckd2w

7777777

1q2w3e4r

654321

555555

3rjs1la7qe

google

1q2w3e4r5t

123qwe

zxcvbnm

1q2w3e

Well, I think we can see where most of those come from. Apart from the number 15 and number 20 positions (which are guessed to be fake accounts created by bots for spam purposes, where the bots were programmed to use standard passwords), the passwords are either easily guessable ones (password, google, etc) or patterns of keys on the keyboard (qwerty, 123456, 1q2w3e, etc).

From a personal point of view, I find it interesting to see the passwords evolving over time, especially the long period of time I’ve been involved in computing. While the “qwerty” and “password” ones have always featured on the list, back a decade or two ago the passwords were far more geeky, with “dragon” being one of the most popular, along with “ncc1701” (the code number of the Enterprise in Star Trek), “gandalf” and “batman” always being popular. Ahh, those were the days when geeks ruled the internet.

Colours have always remained popular, “purple”, “orange”, “green” still showing in lists of passwords, so just in case you want to hack a co-workers email, ask them their favourite colour and you stand a better than average chance of guessing their password.

So if your password is on this list, obviously change it, choose something personal, and then stick random capitals in it and some numbers somewhere, and it should be pretty safe, but if you’re sticking with something obvious, you’re just asking for your email account to be hacked.

A mobile user is 67% more likely to purchase online on a mobile compatible website.